web_requests_controller.rb 2.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869
  1. # This controller is designed to allow your Agents to receive cross-site Webhooks (POSTs), or to output data streams.
  2. # When a POST or GET is received, your Agent will have #receive_web_request called on itself with the incoming params,
  3. # method, and requested content-type.
  4. #
  5. # Requests are routed as follows:
  6. # http://yourserver.com/users/:user_id/web_requests/:agent_id/:secret
  7. # where :user_id is a User's id, :agent_id is an Agent's id, and :secret is a token that should be user-specifiable in
  8. # an Agent that implements #receive_web_request. It is highly recommended that every Agent verify this token whenever
  9. # #receive_web_request is called. For example, one of your Agent's options could be :secret and you could compare this
  10. # value to params[:secret] whenever #receive_web_request is called on your Agent, rejecting invalid requests.
  11. #
  12. # Your Agent's #receive_web_request method should return an Array of json_or_string_response, status_code,
  13. # optional mime type, and optional hash of custom response headers. For example:
  14. # [{status: "success"}, 200]
  15. # or
  16. # ["not found", 404, 'text/plain']
  17. # or
  18. # ["<status>success</status>", 200, 'text/xml', {"Access-Control-Allow-Origin" => "*"}]
  19. class WebRequestsController < ApplicationController
  20. skip_before_action :verify_authenticity_token
  21. skip_before_action :authenticate_user!
  22. wrap_parameters false
  23. def handle_request
  24. user = User.find_by_id(params[:user_id])
  25. if user
  26. agent = user.agents.find_by_id(params[:agent_id])
  27. if agent
  28. content, status, content_type, headers = agent.trigger_web_request(request)
  29. if headers.present?
  30. headers.each do |k, v|
  31. response.headers[k] = v
  32. end
  33. end
  34. status ||= 200
  35. if status.to_s.in?(%w[301 302])
  36. redirect_to(content, allow_other_host: true, status:)
  37. elsif content.is_a?(String)
  38. render plain: content, status:, content_type: content_type || 'text/plain'
  39. elsif content.is_a?(Hash)
  40. render(json: content, status:)
  41. else
  42. head(status)
  43. end
  44. else
  45. render plain: 'agent not found', status: 404
  46. end
  47. else
  48. render plain: 'user not found', status: 404
  49. end
  50. end
  51. # legacy
  52. def update_location
  53. if user = User.find_by_id(params[:user_id])
  54. secret = params[:secret]
  55. user.agents.of_type(Agents::UserLocationAgent).each do |agent|
  56. agent.trigger_web_request(request) if agent.options[:secret] == secret
  57. end
  58. render plain: 'ok'
  59. else
  60. render plain: 'user not found', status: :not_found
  61. end
  62. end
  63. end